I need to be able to store the password submitted in a session, as at present using the php_self method the page is just reloading as if the user has not entered the password correctly (this is happening in Firefox, it actually works fine with no session in Chrome / Safari) and so I believe a session is needed for it to work in FF, but I’m newish to PHP and not sure how I can go about this, here’s the code:
Thanks in advance
<?php
session_start();
$Password = 'hello';
if (isset($_POST['submit_pwd'])){
$pass = isset($_POST['passwd']) ? $_POST['passwd'] : '';
if ($pass != $Password) {
showForm("error", "WRONG PASSWORD");
exit();
}
} else {
showForm();
exit();
}
function showForm($Inputclass="mister", $Placeholder="PLEASE ENTER PASSWORD"){
?>
With HTML:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="pwd" id="pwd">
<input class="<?php echo $Inputclass; ?>" name="passwd" type="password" size="79" style="margin-left: -100px;" placeholder="<?php echo $Placeholder; ?>"/>
<br/>
<input class="text" name="submit_pwd" value="Login" type="image" src="loginkey.png" style="position: relative; left: 240px; top: -35px;">
</form>
If you hit the button, then $_POST[‘submit_pwd_x’] and $_POST[‘submit_pwd_y’] should be set, not $_POST[‘submit_pwd’]
If you hit “enter” then $_POST[‘submit_pwd’], $_POST[‘submit_pwd_x’] or $_POST[‘submit_pwd_y’] should NOT be set – but sometimes are depending on the browser.
You can’t rely on either, so your check if (isset($_POST[‘submit_pwd’])) will be unreliable
The trick is to add a hidden field in the form, and check for sbmission of that hidden field in $_POST.
More details on the answer (based on comment):
PHP is
HTML is
Edit:
If you don’t click on the button (hit enter):
If you click the button: